Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Copy of Windows not gneuine after trying to remove malware

Hello, yesterday I inadvertently started to install the malware from Web Protect for Windows. I ended the installation, after my Ad-Aware Antivirus flagged and deleted files, but it had already altered my Internet Explorer 11, but not my Firefox. I have run Malware Bytes, Super Antispyware, and CCleaner several times each and they removed several things. The program is still in my Programs List and if I try to uninstall it, it acts like it is trying to install. I tried running a system restore, but it fails saying a program, likely an antivirus is preventing it from completing. I tried turning off Ad-aware and turning on Windows Defender, but got the same message. For some reason only 2 restore points are listed for 9/23/14, all others are gone...

I tried following the removal guide here: How Do I Fully Remove Web Protect Adware
but didn't find most the files it said to remove, probably because the program did not install all the way. I did find one folder (Web Protect or something similar) with a lot of stuff in it, including the install and uninstall files, and deleted it.
However, I cannot access some of the folders, (%documents and settings) even though I am logged in as Administrator. Also I could not find the items in the Registry is says to remove either.

I did find two files under Windows\System32 that looked suspicious to me, as they were last modified 9/23/14 around the same time I got the malware and I deleted them to the recycle bin. They are C7483456-A289-439d-8115-601632D00A0 files.

This morning my desktop background is black with little white text saying my copy of windows is not genuine, and I get periodic messages about it. I looked online and it looks like those 2 files are windows validation files or something, so I tried to restore them. The recycle bin tells me those files already exist and asks if I want to overwrite. When I say yes it says I don't have permission and then does nothing.

I still don't know for sure if the malware is still on the computer, though my anti-spyware programs aren't detecting anything anymore

How can I fix this problem? I more concerned that I messed up windows than about the malware now.

Hi Gator thanks for your reply. While the command prompt was completing I followed Method 1 of the guide you posted and reentered my product key. It told my it was not genuine still, but took me online to validate it. This seems to have worked, as it took me to the offer page for Microsoft Security Essentials and said since I was a valid user I get free access. My desktop is still black but the little message in the corner that said it was not genuine is gone. Hopefully everything is good now, but I attached the cbs.txt file just in case.

Hi Gator thanks for your reply. While the command prompt was completing I followed Method 1 of the guide you posted and reentered my product key. It told my it was not genuine still, but took me online to validate it. This seems to have worked, as it took me to the offer page for Microsoft Security Essentials and said since I was a valid user I get free access. My desktop is still black but the little message in the corner that said it was not genuine is gone. Hopefully everything is good now, but I attached the cbs.txt file just in case.

Go to Start > Right-click on Computer > Click Properties

This will take you to an overview of your PC and OS, down at the bottom has activation information, it should say "Windows is activated" with a product ID (which is not the same as your product key, technically)

The black screen is just left over from the Windows Genuine warning. Simply change it back to whatever background you want.

Gator, Windows says it is activated now, so looks like that issue is fixed. Do you know if it would be safe to delete those C7483456-A289-439d-8115-601632D00A0 files from my recycle bin now? Thanks again.

Layback Bear, Thanks for the suggestion, but all my restore points prior to yesterdays date, 9/23/14, have vanished so I cannot restore to a point where I didn't have Ad-aware. Checking the show other restore points box does nothing.
Hopefully I don't need to do that anyway. Ad-Aware, Super Antispyware, Malwarebytes, and CCleaner are not detecting any more issues, so hopefully I managed to stop the Web Protect adware before it could fully do its thing.

Please post a new MGADiag report - this sequence of events seems a little strange to me, and I'm a bit concerned about the outcome. (Even if it looks OK currently, it could go bad again, without further investigation)

PSU n/a Hard Drives 750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB on the Lenovo Internet Speed as much as I can get - usually on a dongle, so <1Mb/s Antivirus MSE Browser IE11/Chrome/FF(if I must)

PSU n/a Hard Drives 750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB on the Lenovo Internet Speed as much as I can get - usually on a dongle, so <1Mb/s Antivirus MSE Browser IE11/Chrome/FF(if I must)

la.flvmplayer.exe Malware - How To remove?This nuisance la.flvmplayer.exe (trojan?) arrived on my computer piggy backing on a legitimate d/load (a video I believe).
It causes the browser to open several windows with ads and promotions.
I can't find the file as no doubt it has disguised itself. Running a full scan with Lavasoft Adaware...

System Security

Cannot remove Conduit malwareHi guys,
Hopefully someone out there can give me a hand. I've checked many websites but I'm not really able to find a good answer to my problem.
I have a PC, running windows 7 ultimate 64bit, that has the conduit malware on it. Our work antivirus/malware, Webroot, detects it but is unable to...

System Security

Remove malware by formattingHi,
When the C: and D: drives are infected, the formatting of them can kill all the malware existing on those two?
Machine: Windows 7.

unable to remove malware? bug?not sure how but ive picked up what i think is some malware. its an add-on tool bar called 'searchqu' and is by 'bandoo media inc'
i noticed it in my toolbar and deactivated it but my computer was progressively slower than normal. i decided to look into it when i kept getting 'windows explorer...